Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works

Who can help me with this log file?

  • Please log in to reply



    New Member

  • Member
  • Pip
  • 1 posts
Who can help me, with the log file listed underneath.
I have already cleared a view things out myself and my computer is not getting a 'danger' warning anymore all the time. But my computer is still not working like it was before. My desktop for example is gone, there is a grey screen without a background and without icons...

I am not a expert in these things and I do not know what to do exactly. I installed allready Spybot, Windows anti-Spyware and I made this log file with Hijack This.

What can I do more to restore the working of my computer and to get rid of ad- and spyware?

Logfile of HijackThis v1.98.2
Scan saved at 18:20:34, on 22-3-2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Documents and Settings\WinXP\Application Data\iuws.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Documents and Settings\WinXP\Local Settings\Temp\Tijdelijke map 1 voor hijackthis.zip\HijackThis.exe
C:\Documents and Settings\WinXP\Local Settings\Temp\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.competitiemanager.nl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.competitiemanager.nl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer aangeboden door @Home
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: framsbuf - {1DF62285-BABC-A503-7AD2-6A7E42A09832} - C:\WINDOWS\System32\framsbuf.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {6EAA612B-B511-07B8-8659-64557BA47B19} - C:\WINDOWS\System32\owi.dll (file missing)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) - {9EAC0102-5E61-2312-BC2D-4D54434D5443} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [websx] C:\Program Files\websx\int339890.exe -auto
O4 - HKLM\..\Run: [Microsoft 16Bit Update] wuapdate16.exe
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [NAV CfgWiz] "C:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [NVIDIA Video drivers] video_32D.exe
O4 - HKLM\..\Run: [WhenUSave] "C:\Program Files\Save\Save.exe"
O4 - HKLM\..\RunServices: [Microsoft 16Bit Update] wuapdate16.exe
O4 - HKLM\..\RunServices: [NVIDIA Video drivers] video_32D.exe
O4 - HKLM\..\RunOnce: [Local runole service] C:\WINDOWS\System32\srvc32.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Microsoft 16Bit Update] wuapdate16.exe
O4 - HKCU\..\Run: [Nshi] C:\Documents and Settings\WinXP\Application Data\iuws.exe
O4 - HKCU\..\Run: [NVIDIA Video drivers] video_32D.exe
O4 - HKCU\..\Run: [Arqodw] C:\WINDOWS\System32\nwzfg.exe
O4 - HKCU\..\Run: [Jwfpxh] C:\WINDOWS\System32\haegfuyk.exe
O4 - HKCU\..\Run: [NDrv] C:\WINDOWS\System32\NDrv.exe
O4 - HKCU\..\Run: [WCPC] C:\WINDOWS\System32\wintsvcc.exe
O4 - HKCU\..\Run: [ClockSync] "C:\Program Files\ClockSync\Sync.exe" /q
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Zbyh] C:\WINDOWS\System32\mtdro.exe
O4 - HKCU\..\RunOnce: [Local runole service] C:\WINDOWS\System32\srvc32.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Microsoft AntiSpyware helper - {E7524A0E-2D93-4205-BFF0-1AA10E3BDE25} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {E7524A0E-2D93-4205-BFF0-1AA10E3BDE25} - (no file) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://start.home.nl/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....467&clcid=0x409
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zon...MineSweeper.cab
O16 - DPF: {7589EEE6-E336-11D4-8A7E-EE1D971D9B47} (AcontiX Control) - http://secure.aconti.../goodthinxx.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...StatsClient.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pdownloader.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn...UC/MsnPUpld.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zon...ireShowdown.cab
O21 - SSODL: NTDBGTOOL - {65FAB723-682C-4342-99AD-CA9860175AB3} - C:\WINDOWS\System32\svchuapi.dll
  • 0




    All Around Computer Nut

  • Retired Staff
  • 2,678 posts
hi sorry for the delayed response, as we have been very busy lately

could you please Click Here download the latest version of Hijack This (1.99.1). It's better able to catch the latest threats. and post a fresh log for review

If you machine is already fixed please respond here and let us know.

  • 0

Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP